Closed
Bug 1429542
Opened 7 years ago
Closed 7 years ago
Crash in mozilla::net::HttpChannelChild::Cancel
Categories
(Core :: Networking: HTTP, defect)
Tracking
()
RESOLVED
FIXED
mozilla59
Tracking | Status | |
---|---|---|
firefox-esr52 | --- | unaffected |
firefox57 | --- | unaffected |
firefox58 | --- | fixed |
firefox59 | --- | fixed |
People
(Reporter: marcia, Assigned: bkelly)
References
Details
(Keywords: crash, regression)
Crash Data
Attachments
(1 file)
1.07 KB,
patch
|
asuth
:
review+
gchang
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
This bug was filed from the Socorro interface and is
report bp-b1b3aba6-d058-4a3c-97b5-05ae10180110.
=============================================================
Seen while looking at nightly crash data: http://bit.ly/2CQ5EwO and seem to date back at least to 12-25 (crashes prior to 12-24 have been deleted)
URLs show up, and are mostly from the same sky.com site: https://news.sky.com/video/would-a-latte-levy-reduce-waste-11196296
Top 10 frames of crashing thread:
0 xul.dll mozilla::net::HttpChannelChild::Cancel netwerk/protocol/http/HttpChannelChild.cpp:2285
1 xul.dll mozilla::net::HttpChannelChild::OverrideRunnable::Run netwerk/protocol/http/HttpChannelChild.cpp:1503
2 xul.dll nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:1040
3 xul.dll mozilla::ipc::MessagePump::Run ipc/glue/MessagePump.cpp:97
4 xul.dll mozilla::ipc::MessagePumpForChildProcess::Run ipc/glue/MessagePump.cpp:301
5 xul.dll MessageLoop::RunHandler ipc/chromium/src/base/message_loop.cc:319
6 xul.dll MessageLoop::Run ipc/chromium/src/base/message_loop.cc:299
7 xul.dll nsBaseAppShell::Run widget/nsBaseAppShell.cpp:157
8 xul.dll nsAppShell::Run widget/windows/nsAppShell.cpp:344
9 xul.dll XRE_RunAppShell toolkit/xre/nsEmbedFunctions.cpp:877
=============================================================
Assignee | ||
Comment 1•7 years ago
|
||
Pretty sure I introduced this in bug 1204254. Probably just needs a nullptr check.
Assignee: nobody → bkelly
Blocks: 1204254
Status: NEW → ASSIGNED
status-firefox57:
--- → unaffected
status-firefox58:
--- → affected
Assignee | ||
Comment 2•7 years ago
|
||
Andrew, given that other code does nullptr checks for mNewChannel I think its clear this code should be doing it as well. I think I introduced this in bug 1204254.
Attachment #8941557 -
Flags: review?(bugmail)
Comment 3•7 years ago
|
||
Comment on attachment 8941557 [details] [diff] [review]
Make HttpChannelChild::OverrideRunnable check for nullptr before using mNewChannel. r=asuth
Review of attachment 8941557 [details] [diff] [review]:
-----------------------------------------------------------------
Does this want to get on the uplift bandwagon?
Attachment #8941557 -
Flags: review?(bugmail) → review+
Assignee | ||
Comment 4•7 years ago
|
||
Yea, I'll request uplift after the tree opens and I can push to inbound at least.
Pushed by bkelly@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/1ce7be8b2a72
Make HttpChannelChild::OverrideRunnable check for nullptr before using mNewChannel. r=asuth
Assignee | ||
Comment 6•7 years ago
|
||
Comment on attachment 8941557 [details] [diff] [review]
Make HttpChannelChild::OverrideRunnable check for nullptr before using mNewChannel. r=asuth
Approval Request Comment
[Feature/Bug causing the regression]: Bug 1204254
[User impact if declined]: Low frequency crashes
[Is this code covered by automated tests?]: I don't have exact steps to reproduce, so I do not have a test that specifically triggers this.
[Has the fix been verified in Nightly?]: Its been pushed to inbound, but is not in nightly yet.
[Needs manual test from QE? If yes, steps to reproduce]: No
[List of other uplifts needed for the feature/fix]: None
[Is the change risky?]: Minimal risk
[Why is the change risky/not risky?]: This patch simply adds a nullptr check.
[String changes made/needed]: None
Attachment #8941557 -
Flags: approval-mozilla-beta?
Comment 7•7 years ago
|
||
Comment on attachment 8941557 [details] [diff] [review]
Make HttpChannelChild::OverrideRunnable check for nullptr before using mNewChannel. r=asuth
A simple fix for crash. Beta58+.
Attachment #8941557 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
Comment 8•7 years ago
|
||
bugherder |
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla59
Comment 9•7 years ago
|
||
bugherder uplift |
Updated•7 years ago
|
status-firefox-esr52:
--- → unaffected
You need to log in
before you can comment on or make changes to this bug.
Description
•